gitee
/
spring-oauth-server
mirror of https://gitee.com/shengzhao/spring-oauth-server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

(118) - Add java-config(零配置) 的支持

2.0.0
Li Shengzhao 2016-04-04 19:56:16 +08:00
parent c636a7a672
commit 48eb5e6575
5 changed files with 134 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/com/monkeyk/sos/config/AuthorizationServerConfigurer.java
View File

@ -20,8 +20,8 @@ import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
* @author Shengzhao Li
*/
//AuthorizationServer
@Configuration
@EnableAuthorizationServer
//@Configuration
//@EnableAuthorizationServer
public class AuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter {
// @Autowired

112
src/main/java/com/monkeyk/sos/config/OAuth2ServerConfig.java Normal file
View File

@ -0,0 +1,112 @@
package com.monkeyk.sos.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
/**
* 2016/4/4
*
* @author Shengzhao Li
*/
@Configuration
public class OAuth2ServerConfig {
// unity-resource
@Configuration
@EnableResourceServer
protected static class UnityResourceServerConfigurer extends ResourceServerConfigurerAdapter {
@Autowired
private AccessDecisionManager oauth2AccessDecisionManager;
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
resources.resourceId("unity-resource").stateless(false);
}
@Override
public void configure(HttpSecurity http) throws Exception {
// final DefaultWebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler();
// expressionHandler.setExpressionParser();
http.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.NEVER)
.and()
.requestMatchers().antMatchers("/unity/**")
.and()
.authorizeRequests()
// .expressionHandler(expressionHandler)
.antMatchers("/unity/**")
// .access("hasRole('ROLE_UNITY') and hasRole('SCOPE_READ')")
.access("#oauth2.clientHasRole('ROLE_UNITY') and #oauth2.isClient() and #oauth2.hasScope('read')")
.accessDecisionManager(oauth2AccessDecisionManager)
.and().csrf().disable();
}
}
//AuthorizationServer
@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter {
// @Autowired
// private DefaultTokenServices tokenServices;
@Autowired
private UserApprovalHandler userApprovalHandler;
@Autowired
private AuthorizationCodeServices authorizationCodeServices;
@Autowired
private ClientDetailsService clientDetailsService;
@Autowired
private OAuth2AccessDeniedHandler oauth2AccessDeniedHandler;
// @Autowired
// private OAuth2AuthenticationEntryPoint oAuth2AuthenticationEntryPoint;
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.withClientDetails(clientDetailsService);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.userApprovalHandler(userApprovalHandler)
// .tokenServices(tokenServices)
.authorizationCodeServices(authorizationCodeServices);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.accessDeniedHandler(oauth2AccessDeniedHandler)
// .authenticationEntryPoint(oAuth2AuthenticationEntryPoint)
.allowFormAuthenticationForClients();
security.realm("spring-oauth-server_realm");
}
}
}

32
src/main/java/com/monkeyk/sos/config/ServletInitializer.java
View File

@ -2,8 +2,11 @@ package com.monkeyk.sos.config;
import com.monkeyk.sos.web.filter.CharacterEncodingIPFilter;
import com.opensymphony.sitemesh.webapp.SiteMeshFilter;
import org.springframework.util.ClassUtils;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import org.springframework.web.filter.DelegatingFilterProxy;
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
import org.springframework.web.servlet.support.AbstractDispatcherServletInitializer;
import org.springframework.web.util.Log4jConfigListener;
import javax.servlet.ServletContext;
@ -18,22 +21,9 @@ import javax.servlet.ServletException;
*
* @author Shengzhao Li
*/
public class ServletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
public class ServletInitializer extends AbstractDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[]{ContextConfigurer.class,
WebSecurityConfigurer.class,
AuthorizationServerConfigurer.class,
UnityResourceServerConfigurer.class};
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[]{WebMvcConfigurer.class};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
@ -67,4 +57,16 @@ public class ServletInitializer extends AbstractAnnotationConfigDispatcherServle
servletContext.addListener(Log4jConfigListener.class);
}
@Override
protected WebApplicationContext createRootApplicationContext() {
return null;
}
@Override
protected WebApplicationContext createServletApplicationContext() {
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
context.scan(ClassUtils.getPackageName(getClass()));
return context;
}
}

4
src/main/java/com/monkeyk/sos/config/UnityResourceServerConfigurer.java
View File

@ -15,8 +15,8 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Res
* @author Shengzhao Li
*/
// unity-resource
@Configuration
@EnableResourceServer
//@Configuration
//@EnableResourceServer
public class UnityResourceServerConfigurer extends ResourceServerConfigurerAdapter {

2
src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
View File

@ -66,7 +66,7 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/oauth/**").hasAnyRole("ROLE_USER,ROLE_UNITY,ROLE_MOBILE")
.antMatchers("/oauth/**").hasAnyRole("USER,UNITY,MOBILE")
.antMatchers("/**").anonymous()
.and()
.exceptionHandling().accessDeniedPage("/login.jsp?authorization_error=2")